exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2019-09-12

LimeSurvey 3.17.13 Cross Site Scripting
Posted Sep 12, 2019
Authored by Andreas Kolbeck, David Haintz | Site sec-consult.com

LimeSurvey versions 3.17.13 and below suffer from reflective and persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-16172, CVE-2019-16173
SHA-256 | 573baf1603249a448f854d8c59cc5938e7334c20fe44126259027c9914a5cfd5
Ubuntu Security Notice USN-4129-2
Posted Sep 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4129-2 - USN-4129-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker could use this issue to crash curl, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-5482
SHA-256 | ca808233f949031ec0e7406b7ce055219f22a1d9510b3f889b00c3afa809eafb
Ubuntu Security Notice USN-4132-2
Posted Sep 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4132-2 - USN-4132-1 fixed a vulnerability in Expat. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-15903
SHA-256 | fbf826848766fbaf6449cfc545a84245112caf7d7af0ab789fe8de9e2663cc08
Ubuntu Security Notice USN-4132-1
Posted Sep 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4132-1 - It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-15903
SHA-256 | 5ae3d88ee962e285840c5782f010c4b59205cbcb83198b238a4a581d3a31fa04
Red Hat Security Advisory 2019-2766-01
Posted Sep 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2766-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains updated container images for multus-cni, operator-lifecycle-manager, and operator-registry in Red Hat OpenShift Container Platform 4.1.15. Each of these container images includes gRPC, which has been updated with the fixes for unbounded memory growth issues.

tags | advisory, registry
systems | linux, redhat
advisories | CVE-2019-9512, CVE-2019-9514, CVE-2019-9515
SHA-256 | 28beccc442a59539035c257dfef710a8afe7ed630b705656774aed0f1e5791f3
Wireshark Analyzer 3.0.4
Posted Sep 12, 2019
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: The Windows installers now ship with Npcap 0.9983. They previously shipped with Npcap 0.996. The macOS installer now ships with Qt 5.12.3. It previously shipped with Qt 5.12.4. Multiple bug fixes have been applied.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 773bd57df2aeae1694a0b7fbfb34283ba24799cfd6299eed696630fc9ebeecbf
Generic Zip Slip Traversal
Posted Sep 12, 2019
Authored by sinn3r, Snyk | Site metasploit.com

This is a generic arbitrary file overwrite technique, which typically results in remote command execution. This targets a simple yet widespread vulnerability that has been seen affecting a variety of popular products including HP, Amazon, Apache, Cisco, etc. The idea is that often archive extraction libraries have no mitigations against directory traversal attacks. If an application uses it, there is a risk when opening an archive that is maliciously modified, and results in the embedded payload to be written to an arbitrary location (such as a web root), and results in remote code execution.

tags | exploit, remote, web, arbitrary, root, code execution
systems | cisco
SHA-256 | 8f0ccbdfa41b81ddec1fba4936ed5ca28502dd6600b5ac754d4fe23b7ec5988d
Red Hat Security Advisory 2019-2756-01
Posted Sep 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2756-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 32.0.0.255. Issues addressed include a code execution vulnerability.

tags | advisory, web, code execution
systems | linux, redhat
advisories | CVE-2019-8069, CVE-2019-8070
SHA-256 | 24fb48adc8986069cc7280ed8bc4147fac4efc086dd46e3af9b271adfdb50da1
Red Hat Security Advisory 2019-2746-01
Posted Sep 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2746-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2019-9511, CVE-2019-9513, CVE-2019-9516
SHA-256 | d98d71f0e6f8a7c11eaeb24675ee7f294833caa8ee363c3c52bb13f5b782bc94
Red Hat Security Advisory 2019-2745-01
Posted Sep 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2745-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2019-9511, CVE-2019-9513, CVE-2019-9516
SHA-256 | 174cbd24fc1d2e93e73177950504374ebd0ed511c1661841094a7c2ba620ac1d
Red Hat Security Advisory 2019-2743-01
Posted Sep 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2743-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2019-14379
SHA-256 | 9861f6776353801b0f0be0a7e9ac3f21f608c13cc8b9a9d6d1f8ccbc3c0425ef
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Sep 12, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | c1838cd8baf52d6067003bb7b88722a3ba6e50d555c4c77d80b9d986eb702103
Slackware Security Advisory - openssl Updates
Posted Sep 12, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssl packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-1547, CVE-2019-1563
SHA-256 | fe19426b23027a70690a4af7eb2f175ccf43a3c6e29a2239b5251501fe492c0a
Slackware Security Advisory - curl Updates
Posted Sep 12, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-5481, CVE-2019-5482
SHA-256 | e664a293d86045c1062920c6af0cef870299e2bc60d2a2bf7b469b9cc6f4affa
Opencart 2.3.0.2 Pre-Auth Remote Command Execution
Posted Sep 12, 2019
Authored by Todor Donev

Opencart version 2.3.0.2 pre-authentication remote command execution exploit.

tags | exploit, remote
SHA-256 | 241c2df2c06d04ed1d46433e033708608f5d3557b99ec80f4c641aa0910f2a98
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close